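狗蛋 backup and restore skill. Backs up the OpenClaw core files (SOUL.md, AGENTS.md, IDENTITY.md, USER.md, TOOLS.md) and the memory layer (memory/) to OneDrive, supports real-time monitored backup and scheduled backup, and can restore from the cloud.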
Security Analysis
medium confidence
The skill's files and instructions match its stated purpose (backing up OpenClaw files to OneDrive); the main issues are a few implementation/metadata inconsistencies and operational cautions rather than evidence of malicious behavior.
Skill name/description, SKILL.md, and the included scripts all align: they monitor OpenClaw core files and back up the memory directory to a OneDrive remote. However, the registry metadata declares no required binaries while the SKILL.md and scripts explicitly depend on rclone, inotifywait (inotify-tools) and tar — this mismatch is inconsistent and should be corrected.
Runtime instructions and scripts operate on the intended paths (workspace files and memory/) and only send data to the configured OneDrive remote via rclone. No instructions ask the agent to read unrelated system credentials or exfiltrate data to unexpected endpoints. Notes: scripts use absolute paths under /root/.openclaw, assume a remote named 'OneDrive' is configured, and instruct starting a background inotify process (nohup).
No install spec is present (instruction-only), and the included scripts run locally without downloading code from external/unknown URLs. This is lower risk than a networked installer. The skill will still write logs and temporary archives under /root/.openclaw/backup when run.
The skill declares no required env vars/credentials, which is reasonable because it relies on rclone's existing config for OneDrive. However, rclone's configuration contains access tokens/credentials — the SKILL.md assumes the user has a configured OneDrive remote named 'OneDrive' but the skill does not explicitly document or request that configuration. Also the backups include sensitive core files (IDENTITY.md, USER.md, etc.), so requiring a cloud remote without recommending encryption or access controls is an operational/privacy concern.
always is false and the skill does not request to auto-enable itself system-wide. The scripts are intended to be started manually (nohup) or scheduled; nothing in the package attempts to modify other skills or system-wide agent settings.
Guidance
This skill appears to do what it claims, but review and configure it carefully before use:
- Verify rclone is installed and you have a OneDrive remote named exactly 'OneDrive' (or edit the scripts/ONEDRIVE variable). The registry metadata failing to declare these binaries is an inconsistency — don't assume they exist.
- Because the backups contain sensitive core files (IDENTITY.md, USER.md, etc.), use rclone's crypt remote or other encryption to protect backups in OneDrive and ensure the OneDrive account is secured (strong auth, MFA).
- The scripts use hard-coded paths under /root/.openclaw. Run them as the intended user or update the paths to your environment to avoid accidental writes as root.
- The restore script has fairly permissive copy logic (cp -n, cp -rn) and extracts archives to a temporary dir; run --dry-run first and inspect the contents before permitting restores. Consider testing restore on an isolated environment.
- Consider running the monitor as a managed service (systemd) instead of nohup so it restarts reliably and runs under a non-root user with least privilege.
- If you need the registry to reflect the skill accurately, ask the publisher to add declared required binaries (rclone, inotify-tools, tar) to the metadata and to document OneDrive setup requirements.

If you want, I can point out exact lines to change (paths, ONEDRIVE name), suggest a minimal systemd unit, or show how to enable rclone crypt before enabling automatic backups.
Latest Release
v1.0.1
Added a local restore feature: supports restoring from local backup files, with no need for rclone.
Published by @Michael-crazy on ClawHub